WORM_IRCBOT.ABJ

Um einen Überblick über das Verhalten dieser Worm zu erhalten, verwenden Sie das unten gezeigte Bedrohungsdiagramm.

Wird möglicherweise von anderer Malware/Grayware/Spyware von externen Sites heruntergeladen. Wird möglicherweise unwissentlich von einem Benutzer beim Besuch bösartiger Websites heruntergeladen.

Verwendet bestimmte Listen mit Benutzernamen und Kennwörtern, um kennwortgeschützte Freigabedateien zu öffnen. Nutzt Software-Schwachstellen aus, um sich auf andere Computer in einem Netzwerk zu verbreiten.

Hört Ports ab. Führt Befehle eines externen, böswilligen Benutzers aus, wodurch das betroffene System gefährdet wird.

Startet bestimmte Überlastungsangriffe auf Ziel-Websites. Führt die besagte Routine aus, um zu verhindern, dass Benutzer diese Websites zu einem festgelegten Zeitpunkt öffnen können.

Entwendet CD-Schlüssel, Seriennummern und/oder die Produktkennung bestimmter Software. Cyber-Kriminelle können aus diesen Daten Profit schlagen. Zeichnet die Tastatureingaben eines Benutzers auf, um Daten zu entwenden.

Übertragungsdetails

Wird möglicherweise von anderer Malware/Grayware/Spyware von externen Sites heruntergeladen.

Wird möglicherweise unwissentlich von einem Benutzer beim Besuch bösartiger Websites heruntergeladen.

Installation

Schleust die folgenden Eigenkopien in das betroffene System ein:

• %System%\windowsupdate.exe

(Hinweis: %System% ist der Windows Systemordner. Er lautet in der Regel C:\Windows\System unter Windows 98 und ME, C:\WINNT\System32 unter Windows NT und 2000 sowie C:\Windows\System32 unter Windows XP und Server 2003.)

Autostart-Technik

Fügt folgende Registrierungseinträge hinzu, um bei jedem Systemstart automatisch ausgeführt zu werden.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\Run
Windows Firewall Updater = windowsupdate.exe

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Windows\CurrentVersion\RunServices
Windows Firewall Updater = windowsupdate.exe

Andere Systemänderungen

Fügt die folgenden Registrierungsschlüssel hinzu:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\Tcpip\Parameters
AllowUnqualifiedQuery = 0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\Tcpip\Parameters
PrioritizeRecordData = 1

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\Tcpip\Parameters
TCP1320Opts = 3

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\Tcpip\Parameters
KeepAliveTime = dword:00023280

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\Tcpip\Parameters
BcastQueryTimeout = dword:000002ee

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\Tcpip\Parameters
BcastQueryTimeout = dword:000002ee

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\Tcpip\Parameters
BcastNameQueryCount = dword:00000001

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\Tcpip\Parameters
CacheTimeout = dword:0000ea60

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\Tcpip\Parameters
Size/Small/Medium/Large = dword:00000003

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\Tcpip\Parameters
LargeBufferSize = dword:00001000

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\Tcpip\Parameters
SynAckProtect = dword:00000002

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\Tcpip\Parameters
PerformRouterDiscovery = dword:00000000

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\Tcpip\Parameters
EnablePMTUBHDetect = dword:00000000

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\Tcpip\Parameters
FastSendDatagramThreshold = dword:00000400

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\Tcpip\Parameters
StandardAddressLength = dword:00000018

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\Tcpip\Parameters
DefaultReceiveWindow = dword:00004000

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\Tcpip\Parameters
DefaultSendWindow = dword:00004000

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\Tcpip\Parameters
BufferMultiplier = dword:00000200

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\Tcpip\Parameters
PriorityBoost = dword:00000002

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\Tcpip\Parameters
IrpStackSize = dword:00000004

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\Tcpip\Parameters
IgnorePushBitOnReceives = dword:00000000

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\Tcpip\Parameters
DisableAddressSharing = dword:00000000

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\Tcpip\Parameters
AllowUserRawAccess = dword:00000000

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\Tcpip\Parameters
DisableRawSecurity = dword:00000000

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\Tcpip\Parameters
DynamicBacklogGrowthDelta = dword:00000032

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\Tcpip\Parameters
FastCopyReceiveThreshold = dword:00000400

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\Tcpip\Parameters
LargeBufferListDepth = dword:0000000a

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\Tcpip\Parameters
MaxActiveTransmitFileCount = dword:00000002

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\Tcpip\Parameters
MaxFastTransmit = dword:00000040

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\Tcpip\Parameters
OverheadChargeGranularity = dword:00000001

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\Tcpip\Parameters
SmallBufferListDepth = dword:00000020

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\Tcpip\Parameters
SmallerBufferSize = dword:00000080

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\Tcpip\Parameters
TransmitWorker = dword:00000020

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\Tcpip\Parameters
DNSQueryTimeouts = {hex values}

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\Tcpip\Parameters
DefaultRegistrationTTL = dword:00000014

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\Tcpip\Parameters
DisableReplaceAddressesInConflicts = dword:00000000

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\Tcpip\Parameters
DisableReverseAddressRegistrations = dword:00000001

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\Tcpip\Parameters
UpdateSecurityLevel = dword:00000000

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\Tcpip\Parameters
DisjointNameSpace = dword:00000001

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\Tcpip\Parameters
QueryIpMatching = dword:00000000

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\Tcpip\Parameters
NoNameReleaseOnDemand = dword:00000001

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\Tcpip\Parameters
EnableDeadGWDetect = dword:00000000

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\Tcpip\Parameters
EnableFastRouteLookup = dword:00000001

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\Tcpip\Parameters
MaxFreeTcbs = dword:000007d0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\Tcpip\Parameters
MaxHashTableSize = dword:00000800

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\Tcpip\Parameters
SackOpts = dword:00000001

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\Tcpip\Parameters
Tcp1323Opts = dword:00000003

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\Tcpip\Parameters
TcpMaxDupAcks = dword:00000001

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\Tcpip\Parameters
TcpRecvSegmentSize = dword:00000585

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\Tcpip\Parameters
TcpSendSegmentSize = dword:00000585

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\Tcpip\Parameters
DefaultTTL = dword:00000030

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\Tcpip\Parameters
TcpMaxHalfOpen = dword:0000004b

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\Tcpip\Parameters
TcpMaxHalfOpenRetried = dword:00000050

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\Tcpip\Parameters
TcpTimedWaitDelay = dword:00000000

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\Tcpip\Parameters
MaxNormLookupMemory = dword:00030d40

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\Tcpip\Parameters
FFPControlFlags = dword:00000001

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\Tcpip\Parameters
FFPFastForwardingCacheSize = dword:00030d40

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\Tcpip\Parameters
MaxForwardBufferMemory = dword:00019df7

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\Tcpip\Parameters
MaxFreeTWTcbs = dword:000007d0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\Tcpip\Parameters
GlobalMaxTcpWindowSize = dword:0007d200

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\Tcpip\Parameters
EnablePMTUDiscovery = dword:00000001

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\Tcpip\Parameters
ForwardBufferMemory = dword:00019df7

HKEY_CURRENT_USER\Software\Microsoft\
OLE
Windows Firewall Updater = windowsupdate.exe

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\
Ole
EnableRemoteConnect = N

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\lanmanserver\parameters
AutoShareServer = 0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\lanmanserver\parameters
AutoShareWks = 0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\wscsvc
Start = dword:00000004

Erstellt den oder die folgenden Registrierungseinträge, um die Windows Firewall zu umgehen:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\SharedAccess\Parameters\
FirewallPolicy\StandardProfile\AuthorizedApplications\
List
C:\\WINDOWS\\System32\\windowsupdate.exe = C:\WINDOWS\System32\windowsupdate.exe:*:Enabled:Windows Firewall Updater

Verbreitung

Verwendet die folgenden Listen mit Benutzernamen und Kennwörtern, um kennwortgeschützte Freigabedateien zu öffnen:

• Administrator
• administrator
• administrador
• administrateur
• administrat
• admins
• admin
• staff
• computer
• owner
• student
• teacher
• wwwadmin
• guest
• default
• database
• oracle
• ADMINISTRATOR
• Administrator
• administrator
• fubar
• GUEST
• ADMIN
• PASSWORD
• SHARE
• ladeda
• FILES
• OWNER
• Owner
• ACCESS
• BACKUP
• SYSTEM
• SERVER
• pepsi
• LOCAL
• linux
• changeme
• Changeme
• temp123
• 12345
• 123456
• 1234567
• 12345678
• 123456789
• 654321
• 54321
• 11111111
• 88888888
• passwd
• database
• abc123
• oracle
• sybase
• 123qwe
• computer
• Internet
• super
• 123asd
• ihavenopass
• godblessyou
• enable
• 111111
• 121212
• 123123
• 1234qwer
• 123abc
• alpha
• patrick
• foobar
• Nilez
• devil
• netdevil
• net-devil
• 0wned
• owned
• irule
• netfuck
• fucked
• crash
• test123
• secret
• login
• mypc123
• admin123
• pw123
• mypass
• mypass123
• Matthew
• satan
• satanik
• satanic
• spaceman
• heaven
• 0wn3d
• killer
• hacker
• hax0r
• script
• scriptkiddie
• kiddie
• uwontguessme
• youwontguessme
• guessme
• xxxxx
• xxxxxx
• xxxxxxx
• xxxxxxxx
• xxxxxxxxx
• death
• testing
• 00000
• 000000
• academia
• academic
• accept
• account
• action
• adrian
• adrianna
• adult
• aerobics
• airplane
• alaska
• albany
• albatros
• albert
• alert
• alexande
• algebra
• alias
• aliases
• alice
• alicia
• alisa
• alison
• allison
• allow
• alphabet
• amadeus
• amanda
• amber
• america
• amorphou
• analog
• anarchis
• anarchy
• anchor
• andrea
• android
• andromac
• angela
• angerine
• angie
• animal
• animals
• anita
• annette
• anonymou
• answer
• anthrax
• anthropo
• anvils
• anything
• apollo13
• april
• ariadne
• arlene
• arrow
• arthur
• artist
• asian
• asshole
• athena
• atmosphe
• attack
• authoriz
• aztecs
• azure
• bacchus
• backdoor
• badass
• bailey
• banana
• bananas
• bandit
• banks
• barbara
• barber
• baritone
• bartman
• baseball
• basic
• bassoon
• batch
• batman
• beach
• beammeup
• beast
• beater
• beauty
• beaver
• becky
• beethove
• begin
• behead
• beloved
• beowulf
• berkeley
• berlin
• berliner
• beryl
• betsie
• betty
• beverly
• bible
• bicamera
• bigfoot
• binary
• bishop
• bitch
• bitmap
• bitnet
• black
• blonde
• blondie
• blood
• bloodaxe
• blowjob
• blues
• board
• boner
• boobs
• boyscout
• bradley
• brandi
• brandy
• bravo
• break
• breast
• brenda
• brian
• bridget
• broadway
• brothel
• brunette
• brute
• brutefor
• bulls
• bullshit
• bumbling
• burgess
• butch
• butthead
• californ
• camille
• campanil
• camping
• candi
• candy
• cantor
• captain
• capture
• cardinal
• caren
• carla
• carmen
• carol
• carole
• carolina
• caroline
• carrie
• carson
• cascades
• castle
• catherin
• catholic
• cathy
• cayuga
• cecily
• celtic
• celtics
• cerulean
• change
• charity
• charles
• charlie
• charming
• charon
• chemistr
• chess
• chester
• chris
• christin
• christy
• cigar
• cigarett
• cindy
• class
• classes
• classic
• claudia
• claymore
• cleavage
• clinton
• cluster
• clusters
• coast
• cocacola
• cocainco
• codename
• codeword
• coffee
• collins
• color
• combat
• comics
• commit
• commrade
• company
• computin
• comrade
• comrades
• condo
• condom
• connect
• connie
• conserva
• console
• continue
• cookbook
• cookie
• cooper
• copper
• corneliu
• correct
• counters
• country
• couscous
• cowboy
• crack
• crackpot
• cream
• create
• creation
• creature
• credit
• creosote
• cretin
• crime
• criminal
• cristina
• crystal
• cshrc
• customer
• cyber
• cyberpun
• cyberspa
• cynthia
• daemon
• daisy
• dancer
• daniel
• danielle
• danny
• dapper
• darkaven
• deathsta
• debbie
• deborah
• debug
• december
• default
• DEFAULT
• defoe
• delta
• deluge
• democrat
• denise
• dennis
• desiree
• desktop
• desperat
• develop
• device
• diamond
• diana
• diane
• diehard
• dieter
• digital
• dinosaur
• dipshit
• direct
• director
• dirty
• discipli
• disclose
• discover
• diskette
• disney
• display
• doctor
• dollar
• doom2
• doomii
• doomsday
• doonesbu
• doors
• download
• dragon
• drdoom
• drive
• drought
• duelist
• dulce
• duncan
• dungeon
• eager
• eagle
• earth
• easier
• eatme
• eddie
• edges
• edinburg
• edition
• education
• educatio
• edwin
• edwina
• egghead
• eiderdow
• eileen
• einsiein
• einstein
• elaine
• elanor
• electron
• elephant
• elizabet
• ellen
• email
• emerald
• emily
• emmanuel
• enemy
• engine
• engineer
• england
• english
• enter
• enterpri
• enzyme
• erenity
• erica
• erika
• erotic
• ersatz
• establis
• estate
• eternity
• euclid
• evelyn
• expert
• explode
• explore
• explorer
• explosiv
• extensio
• fairway
• faith
• falcon
• false
• family
• farad
• faraday
• felicia
• fender
• fermat
• ferrari
• fidelity
• field
• fight
• finite
• firewall
• fishers
• flakes
• float
• florida
• flower
• flowers
• foolproo
• football
• force
• foresigh
• forever
• format
• fornicat
• forsythe
• fourier
• foxtrot
• france
• frank
• freak
• freedom
• french
• friday
• friend
• friends
• frighten
• fryguy
• fucker
• fucking
• fuckme
• fuckyou
• fudge
• function
• fungible
• gabriel
• games
• gardner
• garfield
• gateway
• gatherin
• gauss
• george
• gertrude
• ghost
• gibson
• gigabyte
• ginger
• glacier
• golden
• golfer
• gorgeous
• gorges
• gosling
• gouge
• govermen
• grades
• graham
• grahm
• grand
• grant
• great
• green
• group
• gryphon
• guardian
• gucci
• guess
• guitar
• gumption
• guntis
• hacked
• hagar
• hallowee
• hamlet
• hamster
• handel
• handily
• handjob
• happenin
• hardcore
• harddriv
• harmony
• harold
• harvey
• haven
• hawaii
• headbang
• heathen
• heather
• hebrides
• heidi
• heinlein
• hello
• herbert
• heroin
• hewlett
• hexadeci
• hiawatha
• hibernia
• hidden
• highland
• hitler
• holly
• hollywoo
• homepage
• homer
• homework
• honey
• hooker
• hooters
• horny
• horrible
• horror
• horse
• horus
• hotdog
• hotel
• hunter
• hutchins
• hydrogen
• hyper
• hypertxt
• icecream
• illumina
• image
• imbrogli
• immortal
• imperial
• include
• india
• indian
• indiana
• indians
• ingres
• ingress
• ingrid
• innocuou
• input
• inside
• integer
• invent
• irene
• irishman
• jackie
• janet
• janice
• janie
• japan
• jasmin
• jeanne
• jenni
• jennifer
• jenny
• jerry
• jerusale
• jessica
• jester
• jewelry
• jixian
• joanne
• johndoe
• johnny
• joseph
• joshua
• journal
• joyce
• judith
• juggle
• juicy
• julia
• julie
• juliet
• jupiter
• karen
• karie
• karina
• katana
• kathleen
• kathrine
• kathy
• katina
• katrina
• kelly
• kermit
• kernel
• kerri
• kerrie
• kerry
• kevin
• keybord
• keyin
• keyword
• killthem
• kimberly
• kirkland
• kissmyas
• kitten
• klingon
• knife
• knight
• knightma
• known
• krista
• kristen
• kristi
• kristie
• kristin
• kristine
• kristy
• ladies
• ladle
• lakers
• lambda
• laminati
• laptop
• larkin
• larry
• laser
• laura
• lazarus
• lazer
• lebesgue
• leftwing
• legal
• leland
• leroy
• lesbian
• leslie
• letmein
• lewis
• lexluthe
• liberal
• library
• licker
• light
• lightsab
• limbaugh
• limited
• linda
• literatu
• lockout
• lockword
• logic
• loginwor
• logout
• lolopc
• loose
• lorin
• lorraine
• loser
• louis
• lovebug
• lover
• lucus
• lynne
• machine
• macintos
• macro
• maggot
• magic
• magnet
• maint
• malcolm
• malcom
• manager
• marci
• marcy
• maria
• mariens
• marietta
• marijuan
• marines
• markus
• marni
• marriage
• marty
• marvin
• mason
• master
• maurice
• meagan
• megabyte
• megadeth
• megan
• melissa
• mellon
• melrose
• member
• memory
• menace
• mercury
• merlin
• metal
• metalhea
• metalica
• michael
• michel
• michelan
• michele
• michelle
• mickey
• micro
• microchi
• micropro
• microsof
• midieval
• minimum
• minsky
• misfit
• mission
• modem
• mogul
• moguls
• monday
• monica
• moose
• morley
• morris
• mortal
• mortalco
• mortgage
• mosaic
• mountain
• mouse
• movie
• movies
• mozart
• msdos
• muppets
• mutant
• nagel
• nancy
• napoleon
• nepenthe
• neptune
• netscape
• network
• newborn
• newsgrou
• newton
• newyork
• nicole
• nicotine
• night
• nightmar
• nintendo
• nnaacp
• noble
• nobody
• noreen
• notes
• novel
• november
• noxious
• nuclear
• nukem
• number
• nutritio
• nyquist
• obscurit
• oceanogr
• ocelot
• office
• oldage
• olivetti
• olivia
• omega
• opening
• openlock
• opensesa
• operator
• orient
• orwell
• oscar
• osiris
• outdoors
• outlaw
• output
• outside
• oxford
• pacific
• packard
• packer
• painless
• paint
• pakistan
• pamela
• paper
• papers
• pascal
• passphra
• paste
• patricia
• patriot
• patty
• paula
• peanuts
• pecker
• pencil
• penelope
• penguin
• penis
• penname
• pentagon
• pentagra
• penthous
• pentium
• peoria
• pepper
• percolat
• perfect
• permit
• persimmo
• persona
• pervert
• peter
• philip
• phoenix
• phone
• photon
• phrack
• phrase
• phreak
• phuck
• pierre
• pinname
• pizza
• plane
• playboy
• plover
• pluto
• plymouth
• poetry
• police
• polly
• polynomi
• ponderin
• porno
• porsche
• poster
• power
• praise
• precious
• prelude
• presto
• prince
• princeto
• printer
• private
• privs
• proceed
• processo
• professo
• profile
• program
• prompt
• protect
• protozoa
• psycho
• psychopa
• public
• pumpkin
• puneet
• punisher
• puppet
• pussy
• quebec
• qwert
• qwerty
• rabbit
• rachel
• rachelle
• rachmani
• rainbow
• raindrop
• raleigh
• random
• rascal
• razor
• reagan
• reality
• really
• reaper
• rebal
• rebecca
• rebel
• record
• reddawn
• redhead
• referenc
• regional
• release
• remote
• renee
• report
• republic
• resistan
• reveal
• rhino
• riffraff
• right
• rightwin
• ripple
• roach
• robert
• robin
• robot
• robotics
• robyn
• rochelle
• rocheste
• rocky
• rockyhor
• rodent
• rolex
• romano
• romeo
• romulan
• ronald
• rosebud
• rosemary
• roses
• rough
• rubber
• ruben
• rules
• running
• salami
• samantha
• sample
• sandra
• sandy
• sarah
• saturday
• saturn
• saxon
• scamper
• scheme
• school
• schoolsucks
• scifi
• scorpion
• scott
• scotty
• scout
• search
• security
• sensor
• sentinel
• sentry
• serenity
• serial
• service
• sesame
• shannon
• sharc
• shark
• sharks
• sharon
• sheffiel
• sheldon
• shell
• sherri
• shift
• shirley
• shitpot
• shiva
• shivers
• short
• shuttle
• sierra
• signatur
• silver
• simcity
• simon
• simple
• simpsons
• simulati
• singer
• single
• skull
• slave
• slick
• sliders
• small
• smart
• smile
• smiles
• smooch
• smother
• snach
• snafu
• snake
• snatch
• snoopy
• social
• socrates
• sodomy
• software
• somebody
• sondra
• sonia
• sonic
• sonya
• sossina
• source
• south
• spaceshi
• sparrows
• spear
• spell
• spice
• spider
• spiderma
• spred
• spring
• springer
• spunk
• squires
• stacey
• staci
• stacie
• stacy
• starship
• start
• startrek
• startup
• starwars
• steak
• steal
• steel
• steph
• stephani
• stereo
• steve
• stoneage
• stoned
• stones
• strange
• strangle
• stratfor
• streetfi
• string
• strip
• student
• stuttgar
• subscrib
• subway
• success
• suckmydi
• sucks
• summer
• sunday
• superman
• superson
• supersta
• superuse
• supervis
• support
• supporte
• surfer
• surfing
• susan
• susanne
• susie
• suzanne
• suzie
• swearer
• sweat
• switch
• sword
• sybil
• symmetry
• sysadmin
• sysop
• tabasco
• tamara
• tamie
• tammy
• tangerin
• tango
• target
• tarragon
• taylor
• teacher
• teapot
• tears
• teenage
• telephon
• telnet
• temptati
• tennis
• terminal
• terminat
• tetris
• thailand
• theresa
• thursday
• tiffany
• tiger
• toggle
• token
• tokenrin
• tomato
• topograp
• tortoise
• toxic
• toyota
• traci
• tracie
• tracy
• trails
• transfer
• trapdoor
• trisha
• trivial
• trojan
• trombone
• truth
• tubas
• tuesday
• tuttle
• umesh
• uncle
• unhappy
• unicorn
• uniform
• universa
• universe
• universi
• unknown
• unlock
• upload
• uranus
• urchin
• ursula
• usenet
• usermane
• username
• utility
• vagina
• valerie
• vampire
• vasant
• venus
• veronica
• vertigo
• vicky
• victor
• video
• videogam
• village
• virgin
• virginia
• virus
• visitor
• visual
• visualba
• vodka
• warez
• warfare
• wargames
• warren
• watchwor
• water
• webpage
• wednesda
• weenie
• wendi
• wendy
• werewolf
• western
• whatever
• whatnot
• whisky
• white
• whiting
• whitney
• wholesal
• whore
• william
• williams
• willie
• wilma
• windows
• winston
• wired
• wisconsi
• wiseass
• within
• wizard
• wolverin
• woman
• wombat
• women
• woodwind
• wordperf
• wormwood
• wyoming
• xmodem
• xyzzy
• yankee
• yellow
• yellowst
• yolanda
• yosemite
• young
• zebra
• zeitgeis
• ziggy
• zimmerma
• zmodem
• zombie
• 00000000
• tester
• testin
• Rosco
• RoscoP
• RoscoPColtrane
• dudette
• Alexander
• donaldduck
• wileecoyote
• windowz
• windoze
• windose
• billy
• WindowsXP
• windows2k
• windowsME
• windows98
• windows95
• windozexp
• windoze2k
• windozeME
• windoze98
• windoze95
• wh0r3
• wh0re
• haxing
• h4x1ng
• h4x0r1ng
• h4x0ring
• albatross
• amorphous
• andromache
• anthropogenic
• atmosphere
• beethoven
• bicameral
• campanile
• catherine
• chemistry
• christina
• christine
• commrades
• cornelius
• desperate
• discovery
• edinburgh
• eiderdown
• elizabeth
• enterprise
• establish
• extension
• foolproof
• foresight
• happening
• imbroglio
• innocuous
• lamination
• macintosh
• nutrition
• oceanography
• percolate
• persimmon
• polynomial
• pondering
• princeton
• professor
• rachmaninoff
• rochester
• sheffield
• signature
• stephanie
• stratford
• stuttgart
• superstage
• superuser
• supported
• tangerine
• telephone
• temptation
• topography
• wholesale
• williamsburg
• wisconsin
• yellowstone
• zimmerman

Nutzt die folgenden Software-Schwachstellen aus, um sich auf andere Computer in einem Netzwerk zu verbreiten:

• MS03-039 Buffer Overrun In RPCSS Service

Backdoor-Routine

Hört folgende Ports ab:

• TCP port 4003

Verbindet sich mit einem oder mehreren der folgenden IRC-Server:

• {BLOCKED}.pwnz.org

Führt die folgenden Befehle eines externen, böswilligen Benutzers aus:

• Download and execute files
• Send files
• Launch DDOS attack
• Terminate antivirus/firewall processes
• Obtain certain system information

Denial-of-Service-Angriff (DoS)

Startet die folgenden Überlastungsangriffe auf Ziel-Websites:

• Ping Flood
• SYN Flood
• UDP Flood

Datendiebstahl

Zielt auf die folgenden Websites ab:

• e-gold
• PayPal
• StormPay
• Vodafone
• Poste Italiane
• Yahoo!
• Banca Sella
• Bank Of America
• Benvenuto a gmail
• banca
• poker
• rapidshare

Entwendet CD-Schlüssel, Seriennummern und/oder die Produktkennung bestimmter Software.

Zeichnet die Tastatureingaben eines Benutzers auf, um Daten zu entwenden.